<?php
if (preg_match('/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/', $_POST["username"]) & preg_match('/^[a-zA-Z0-9]{5,15}/', $_POST["password"])) {
	if ($_POST['username'] != "") {
		include 'setting.php';
		$con = mysqli_connect($sqldatabase, $sqlusername, $sqlpassword,$sqltable);
		mysqli_query($con,'set names utf8'); 
		$result = mysqli_query($con,"SELECT * FROM userdata where username='" . $_POST['username'] . "'");
		$is_reg = false;
		$nickname = "";
		$password = "";
		while ($row = mysqli_fetch_array($result)) {
			$is_reg = true;
			$nickname = $row["nickname"];
			$password = $row["password"];
		}
		if (!$is_reg) {
			echo("<!DOCTYPE html><html><head><meta charset=\"utf-8\"></head><script type=\"text/javascript\">alert(\"登录失败，用户名或密码不正确\");window.location.href='http://'+document.domain;</script>");
		} else {
			if ($password == $_POST["password"]) {
				$checkcode = md5($_POST["username"] . "dogmaclient!!!!!q6q6" . time());
				mysqli_query($con,"UPDATE userdata SET checkcode = '" . $checkcode . "' WHERE username = '" . $_POST["username"] . "'");
				setcookie("nickname", $nickname, time() + 180000, "/");
				setcookie("check", $checkcode, time() + 180000, "/");
				echo("<!DOCTYPE html><html><head><meta charset=\"utf-8\"></head><script type=\"text/javascript\">window.location.href='http://'+document.domain+'/admin.php';</script>");
			} else {
				echo("<!DOCTYPE html><html><head><meta charset=\"utf-8\"></head><script type=\"text/javascript\">alert(\"登录失败，用户名或密码不正确\");window.location.href='http://'+document.domain;</script>");
			}
		}
		mysqli_close($con);
	} else {
		echo("<!DOCTYPE html><html><head><meta charset=\"utf-8\"></head><script type=\"text/javascript\">alert(\"登录失败，参数错误\");window.location.href='http://'+document.domain;</script>");
	}
} else {
	echo("<!DOCTYPE html><html><head><meta charset=\"utf-8\"></head><script type=\"text/javascript\">alert(\"登录失败，用户名或密码不正确\");window.location.href='http://'+document.domain;</script>");
}
?>